7573 matches found
CVE-2023-39808
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...
PT-2023-27115 · N.V.K.Inter Co. · Ibsg
Name of the Vulnerable Software and Affected Versions: N.V.K.INTER CO., LTD. NVK iBSG version 3.5 Description: The issue is related to a hardcoded root password in the software, which allows attackers to login with root privileges via the SSH service. Recommendations: For version 3.5, consider...
CVE-2023-39808
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...
CVE-2023-39808
CVE-2023-39808 affects N.V.K. INTER iBSG v3.5. The vulnerability stems from a hardcoded root password, enabling an attacker to log in with root privileges over SSH. Public sources corroborate the issue and assign a high severity (CVSSv3.1: 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). No exploitatio...
CVE-2023-4204
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
CVE-2023-4204
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
Hardcoded credentials
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
CVE-2023-4204 NPort IAW5000A-I/O Series Hardcoded Credential Vulnerability
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
CVE-2023-4204 NPort IAW5000A-I/O Series Hardcoded Credential Vulnerability
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
CVE-2023-4204
The CVE-2023-4204 entry applies to MOXA NPort IAW5000A-I/O Series devices. Affected firmware versions are v2.2 and prior. The vulnerability stems from a hardcoded credential (key) embedded in the device, which could potentially allow firmware manipulation and compromise of the device’s security a...
Hardcoded credentials
lol-html can cause panics on certain HTML inputs. Anyone processing arbitrary 3rd party HTML with the library is affected...
AudioCodes VoIP Phones Hardcoded Key
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-054 Product: AudioCodes VoIP Phones Manufacturer: AudioCodes Ltd. Affected Versions: Firmware Versions = 3.4.8.M4 Tested Versions: Firmware Version 3.4.4.1000 Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-321 Ris...
CVE-2023-3265
An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenticated attacker can leverage this...
Hardcoded credentials
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or...
Hardcoded credentials
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database.A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or...
PT-2023-7583 · Aleos · Aleos
Name of the Vulnerable Software and Affected Versions: ALEOS versions 4.16.0 and earlier Description: The issue is related to the use of a hardcoded SSL certificate and private key in several versions of ALEOS. This could allow an attacker with access to these items to perform a man-in-the-middle...
Hardcoded credentials
An issue was discovered in libacdes3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root passwor...
Hardcoded credentials
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information...
Hardcoded credentials
Use of hard-coded credentials in some IntelR UnisonTM software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access...
Hardcoded credentials
Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz - Homework Helper App allows Authentication Abuse, Authentication Bypass.This issue affects Kunduz - Homework Helper App: before 6.2.3...